Fix relative links and address PR review feedback

- Fix relative links to sessions doc from subdirectories
- Fix doc URLs in error messages to use .html extension
- Strengthen ConfigureSessionOptions test with two requests proving
  per-request behavior

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: halter73

docs/concepts/elicitation/elicitation.md

@@ -172,7 +172,7 @@ Here's an example implementation of how a console application might handle elici
 
 ### URL Elicitation Required Error
 
-When a tool cannot proceed without first completing a URL-mode elicitation (for example, when third-party OAuth authorization is needed), and calling `ElicitAsync` is not practical (for example in [stateless](sessions/sessions.md) mode where server-to-client requests are disabled), the server may throw a <xref:ModelContextProtocol.UrlElicitationRequiredException>. This is a specialized error (JSON-RPC error code `-32042`) that signals to the client that one or more URL-mode elicitations must be completed before the original request can be retried.
+When a tool cannot proceed without first completing a URL-mode elicitation (for example, when third-party OAuth authorization is needed), and calling `ElicitAsync` is not practical (for example in [stateless](../sessions/sessions.md) mode where server-to-client requests are disabled), the server may throw a <xref:ModelContextProtocol.UrlElicitationRequiredException>. This is a specialized error (JSON-RPC error code `-32042`) that signals to the client that one or more URL-mode elicitations must be completed before the original request can be retried.
 
 #### Throwing UrlElicitationRequiredException on the Server
 

docs/concepts/logging/logging.md

@@ -46,7 +46,7 @@ MCP servers that implement the Logging utility must declare this in the capabili
 [Initialization]: https://modelcontextprotocol.io/specification/2025-11-25/basic/lifecycle#initialization
 
 Servers built with the C# SDK always declare the logging capability. Doing so does not obligate the server
-to send log messages—only allows it. Note that [stateless](sessions/sessions.md) MCP servers might not be capable of sending log
+to send log messages—only allows it. Note that [stateless](../sessions/sessions.md) MCP servers might not be capable of sending log
 messages as there might not be an open connection to the client on which the log messages could be sent.
 
 The C# SDK provides an extension method <xref:Microsoft.Extensions.DependencyInjection.McpServerBuilderExtensions.WithSetLoggingLevelHandler*> on <xref:Microsoft.Extensions.DependencyInjection.IMcpServerBuilder> to allow the

docs/concepts/transports/transports.md

@@ -131,7 +131,7 @@ app.MapMcp();
 app.Run();
 ```
 
-By default, the HTTP transport uses **stateful sessions** — the server assigns an `Mcp-Session-Id` to each client and tracks session state in memory. For most servers, **stateless mode is recommended** instead. It simplifies deployment, enables horizontal scaling without session affinity, and avoids issues with clients that don't send the `Mcp-Session-Id` header. See [Sessions](sessions/sessions.md) for a detailed guide on when to use stateless vs. stateful mode and how to configure session options.
+By default, the HTTP transport uses **stateful sessions** — the server assigns an `Mcp-Session-Id` to each client and tracks session state in memory. For most servers, **stateless mode is recommended** instead. It simplifies deployment, enables horizontal scaling without session affinity, and avoids issues with clients that don't send the `Mcp-Session-Id` header. See [Sessions](../sessions/sessions.md) for a detailed guide on when to use stateless vs. stateful mode and how to configure session options.
 
 A custom route can be specified. For example, the [AspNetCoreMcpPerSessionTools] sample uses a route parameter:
 
@@ -204,6 +204,6 @@ No additional configuration is needed. When a client connects using the SSE prot
 | Process model | Child process | Remote HTTP | Remote HTTP |
 | Direction | Bidirectional | Bidirectional | Server→client stream + client→server POST |
 | Session resumption | N/A | ✓ (stateful mode) | ✗ |
-| Stateless mode | N/A | ✓ ([recommended](sessions/sessions.md)) | ✗ |
+| Stateless mode | N/A | ✓ ([recommended](../sessions/sessions.md)) | ✗ |
 | Authentication | Process-level | HTTP auth (OAuth, headers) | HTTP auth (OAuth, headers) |
 | Best for | Local tools | Remote servers | Legacy compatibility |

src/ModelContextProtocol.AspNetCore/StreamableHttpHandler.cs

@@ -222,7 +222,7 @@ public async Task HandleDeleteRequestAsync(HttpContext context)
             await WriteJsonRpcErrorAsync(context,
                 "Bad Request: Mcp-Session-Id header is required for GET and DELETE requests when the server is using sessions. " +
                 "If your server doesn't need sessions, enable stateless mode by setting HttpServerTransportOptions.Stateless = true. " +
-                "See https://csharp.sdk.modelcontextprotocol.io/concepts/sessions for more details.",
+                "See https://csharp.sdk.modelcontextprotocol.io/concepts/sessions/sessions.html for more details.",
                 StatusCodes.Status400BadRequest);
             return null;
         }
@@ -308,7 +308,7 @@ await WriteJsonRpcErrorAsync(context,
                 await WriteJsonRpcErrorAsync(context,
                     "Bad Request: A new session can only be created by an initialize request. Include a valid Mcp-Session-Id header for non-initialize requests, " +
                     "or enable stateless mode by setting HttpServerTransportOptions.Stateless = true if your server doesn't need sessions. " +
-                    "See https://csharp.sdk.modelcontextprotocol.io/concepts/sessions for more details.",
+                    "See https://csharp.sdk.modelcontextprotocol.io/concepts/sessions/sessions.html for more details.",
                     StatusCodes.Status400BadRequest);
                 return null;
             }

tests/ModelContextProtocol.AspNetCore.Tests/StatelessServerTests.cs

@@ -266,14 +266,24 @@ public async Task ConfigureSessionOptions_RunsPerRequest_InStatelessMode()
         HttpClient.DefaultRequestHeaders.Accept.Add(new("application/json"));
         HttpClient.DefaultRequestHeaders.Accept.Add(new("text/event-stream"));
 
-        // First request: set the header so ConfigureSessionOptions creates the tool.
+        // First request with "alpha" — proves ConfigureSessionOptions runs and configures the tool.
         HttpClient.DefaultRequestHeaders.Add("X-Tool-Suffix", "alpha");
 
-        await using var client = await ConnectMcpClientAsync();
+        await using var client1 = await ConnectMcpClientAsync();
 
-        var toolResponse = await client.CallToolAsync("dynamicTool", cancellationToken: TestContext.Current.CancellationToken);
-        var content = Assert.Single(toolResponse.Content);
-        Assert.Equal("configured-alpha", Assert.IsType<TextContentBlock>(content).Text);
+        var toolResponse1 = await client1.CallToolAsync("dynamicTool", cancellationToken: TestContext.Current.CancellationToken);
+        var content1 = Assert.Single(toolResponse1.Content);
+        Assert.Equal("configured-alpha", Assert.IsType<TextContentBlock>(content1).Text);
+
+        // Second request with "beta" — proves ConfigureSessionOptions runs again with new request data.
+        HttpClient.DefaultRequestHeaders.Remove("X-Tool-Suffix");
+        HttpClient.DefaultRequestHeaders.Add("X-Tool-Suffix", "beta");
+
+        await using var client2 = await ConnectMcpClientAsync();
+
+        var toolResponse2 = await client2.CallToolAsync("dynamicTool", cancellationToken: TestContext.Current.CancellationToken);
+        var content2 = Assert.Single(toolResponse2.Content);
+        Assert.Equal("configured-beta", Assert.IsType<TextContentBlock>(content2).Text);
     }
 
     [McpServerTool(Name = "testSamplingErrors")]